CVE-2026-12786
Ezbsystems UltraISO Premium Edition Kernel Driver bootpt64.sys access control
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
| CWE | CWE-284 CWE-266 |
| Vendor | ezbsystems |
| Product | ultraiso premium edition |
| Published | Jun 21, 2026 |
Stay Ahead of the Next One
Get instant alerts for ezbsystems ultraiso premium edition
Be the first to know when new high vulnerabilities affecting ezbsystems ultraiso premium edition are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Ezbsystems / UltraISO Premium Edition
9.0 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 9.10 9.11 9.12 9.13 9.14 9.15 9.16 9.17 9.18 9.19 9.20 9.21 9.22 9.23 9.24 9.25 9.26 9.27 9.28 9.29 9.30 9.31 9.32 9.33 9.34 9.35 9.36 9.37 9.38 9.39 9.40 9.41 9.42 9.43 9.44 9.45 9.46 9.47 9.48 9.49 9.50 9.51 9.52 9.53 9.54 9.55 9.56 9.57 9.58 9.59 9.60 9.61 9.62 9.63 9.64 9.65 9.66 9.67 9.68 9.69 9.70 9.71 9.72 9.73 9.74 9.75 9.76
References
vuldb.com: https://vuldb.com/vuln/372528 vuldb.com: https://vuldb.com/vuln/372528/cti vuldb.com: https://vuldb.com/cve/CVE-2026-12786 vuldb.com: https://vuldb.com/submit/835614 winslow1984.com: https://winslow1984.com/books/cve-collection/page/ultraiso-premium-976-kernel-driver-bootpt64sys-local-privilege-escalation
Credits
๐ winslow1984 (VulDB User) VulDB CNA Team